<?php

	require_once('../includes/config.php');
	require_once('../includes/functions.php');
	
	// Retrieve base HTML
	$pageStr = buildStandardPage();
	
	$content = '';
	
	if(isMobile()){
		$content .= 'Detected Mobile!';
	}
	else{
		$userDescriptionArray = getUserAttributes();

		if(true == isAdmin()){
		  if(false == isset($_POST['submit'])){
			  $pageStr = buildStandardPage('Delete User?','Delete User?');
			  $id = getID();
			  
			  $query = buildSelectStatement('user', array('id'=> $id));
			  $result = executeSQL($query,'Failed to delete a user.');
			  
			  $result = mysql_fetch_assoc($result);
			  $content = '<form name=deleteForm method=post action='. $_SERVER['PHP_SELF'] . '>'
						.' <input type=hidden name=id value=\'' . $id . '\'>'
						.' <table border=1 cellpadding=2 width=650>';
			  
			  // This is the information we do NOT want to display to the user.
			  unset($result['passwordhash']);
			  unset($result['salt']);
			  unset($result['roleid']);
			  unset($result['id']);
			  unset($result['answerhash']);
			  unset($result['question']);
			  
			  foreach($result as $heading => $description){
				  if($heading == 'active'){
					  if( '0' == $description){
						  $content .= '<tr><td>' . $userDescriptionArray[$heading] . '</td><td> Inactive </td></tr>';
				      }
					  else{
						  $content .= '<tr><td>' . $userDescriptionArray[$heading] . '</td><td>Active</td></tr>';
					  } 
				  }
				  else{
					  $content .= '<tr><td>' . $userDescriptionArray[$heading] . '</td><td>' . $description . '</td></tr>';
				  }
			  }
			  
			  $content .= '</table><input type=submit name=submit value=Delete >'
						.'<input type=button name=cancel value=Cancel onclick="window.location=\''. $SITE_URL . 'users/\'" ></form>';
		  }
		  else{	// The user submitted the request to delete, now do it!

			$query = buildDeleteStatement('user', $_POST['id']);
			$result = executeSQL($query, 'Failed to delete the user.');
			  
			header('Location: ' . $USERS_URL);
		  }
		}
		else{
		 $content .= $MUST_BE_SYS_ADMIN;
		}
	}
	
	$pageStr = str_Replace('<!--content-->', $content, $pageStr);
	
	/**
	 * Send the generated HTML to the client's browser
	 */
	echo $pageStr;
?>